21462774e8470474a05509e20ac25fff909ef0eccc989cc4058506d2f98a5e4f | Triage

Sharing

General

Target

21462774e8470474a05509e20ac25fff909ef0eccc989cc4058506d2f98a5e4f
Size

325KB
Sample

191025-xsrm91vb62
MD5

8102b419424af37b0d219f1be873b759
SHA1

0fa1fd307b2f0ffb6b50790c157864f9f2f67add
SHA256

21462774e8470474a05509e20ac25fff909ef0eccc989cc4058506d2f98a5e4f
SHA512

ef10717371303e17490a3a353069b2980697cf356440b15c63ab6a9f2e67029253ae819c396684332d7447bcbcb3ebe160b09228006b5dd0e6cf58cf32b96146

Score

7^/10

Malware Config

Targets

- Target
  
  21462774e8470474a05509e20ac25fff909ef0eccc989cc4058506d2f98a5e4f
- Size
  
  325KB
- MD5
  
  8102b419424af37b0d219f1be873b759
- SHA1
  
  0fa1fd307b2f0ffb6b50790c157864f9f2f67add
- SHA256
  
  21462774e8470474a05509e20ac25fff909ef0eccc989cc4058506d2f98a5e4f
- SHA512
  
  ef10717371303e17490a3a353069b2980697cf356440b15c63ab6a9f2e67029253ae819c396684332d7447bcbcb3ebe160b09228006b5dd0e6cf58cf32b96146
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

task1

task2